Vulnerabilities and responsibilities: dealing with monsters in computer security

Purpose – The purpose of this paper is to analyze information security assessment in terms of cultural categories and virtue ethics, in order to explain the cultural origin of certain types of security vulnerabilities, as well as to enable a proactive attitude towards preventing such vulnerabilities.\ud \ud Design/methodology/approach – Vulnerabilities in information security are compared to the concept of “monster” introduced by Martijntje Smits in philosophy of technology. The applicability of different strategies for dealing with monsters to information security is discussed, and the strategies are linked to attitudes in virtue ethics.\ud \ud Findings – It is concluded that the present approach can form the basis for dealing proactively with unknown future vulnerabilities in information security.\ud \ud Research limitations/implications – The research presented here does not define a stepwise approach for implementation of the recommended strategy in practice. This is future work.\ud \ud Practical implications – The results of this paper enable computer experts to rethink their attitude towards security threats, thereby reshaping their practices.\ud \ud Originality/value – This paper provides an alternative anthropological framework for descriptive and normative analysis of information security problems, which does not rely on the objectivity of risk

Web development evolution: the assimilation of web engineering security

In today’s e-commerce environment, information is an incredibly valuable asset. Surveys indicate that companies are suffering staggering financial losses due to web security issues. Analyzing the underlying causes of these security breaches shows that a significant proportion of them are caused by straightforward design errors in systems and not by failures in security mechanisms. There is significant research into security mechanisms but there is little research into the integration of these into software design processes, even those processes specifically designed for Web Engineering. Security should be designed into the application development process upfront through an independent flexible methodology that contains customizable components

Web development evolution: the assimilation of web engineering security

In today’s e-commerce environment, information is an incredibly valuable asset. Surveys indicate that companies are suffering staggering financial losses due to web security issues. Analyzing the underlying causes of these security breaches shows that a significant proportion of them are caused by straightforward design errors in systems and not by failures in security mechanisms. There is significant research into security mechanisms but there is little research into the integration of these into software design processes, even those processes specifically designed for Web Engineering. Security should be designed into the application development process upfront through an independent flexible methodology that contains customizable components

Model-Based Security Testing

Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security testing (MBST) is a relatively new field and especially dedicated to the systematic and efficient specification and documentation of security test objectives, security test cases and test suites, as well as to their automated or semi-automated generation. In particular, the combination of security modelling and test generation approaches is still a challenge in research and of high interest for industrial applications. MBST includes e.g. security functional testing, model-based fuzzing, risk- and threat-oriented testing, and the usage of security test patterns. This paper provides a survey on MBST techniques and the related models as well as samples of new methods and tools that are under development in the European ITEA2-project DIAMONDS.Comment: In Proceedings MBT 2012, arXiv:1202.582

Post-tsunami road reconstruction in Sri Lanka: Efficacy of mainstreaming disaster risk reduction

Following the 2004 Indian Ocean tsunami all roads in the affected areas in Sri Lanka were inaccessible during the immediate aftermath of the disaster either due to the damages they sustained or poor networking of roads and lack of contingency planning within the road network systems. This paper aims at proving the necessity of effective mainstreaming of disaster risk reduction during road reconstruction as a basic precondition for reduced exposure of road structures to hazards; improved resistance of road structures; improved resilience of authorities/teams involved in road projects. It presents the experiences of the road reconstruction sector in Sri Lanka following the 2004 Indian Ocean Tsunami. The paper discusses the perceptions of the key project stakeholders on mainstreaming disaster risk reduction and the effects of mainstreaming disaster risk reduction on vulnerability reduction. The study was empirically supported by the case study approach and independent expert interviews. This paper only presents the analysis of one case study which was conducted in a post-tsunami road reconstruction project in the Southern Sri Lanka, out of two case studies conducted within the stud

Towards Validating Risk Indicators Based on Measurement Theory (Extended version)

Due to the lack of quantitative information and for cost-efficiency, most risk assessment methods use partially ordered values (e.g. high, medium, low) as risk indicators. In practice it is common to validate risk indicators by asking stakeholders whether they make sense. This way of validation is subjective, thus error prone. If the metrics are wrong (not meaningful), then they may lead system owners to distribute security investments inefficiently. For instance, in an extended enterprise this may mean over investing in service level agreements or obtaining a contract that provides a lower security level than the system requires. Therefore, when validating risk assessment methods it is important to validate the meaningfulness of the risk indicators that they use. In this paper we investigate how to validate the meaningfulness of risk indicators based on measurement theory. Furthermore, to analyze the applicability of the measurement theory to risk indicators, we analyze the indicators used by a risk assessment method specially developed for assessing confidentiality risks in networks of organizations

Learning to Collaborate: Lessons Learned from Governance Processes Addressing the Impacts of Sea Level Rise on Transportation Corridors Across California

This study was designed to identify lessons learned from experiences of multi-stakeholder collaboration in governance processes focused on adaptation to sea level rise for specific transportation corridors/assets across different areas of California. Four transportation assets in California were selected as case studies: State Route 37 in the Bay Area; the Cardiff Beach Living Shorelines Project and the LOSSAN railroad at Del Mar in San Diego County; and the Port of Long Beach in Los Angeles County. The study methods included attendance of policy meetings; document analysis; and interviews of staff at (local, regional, and state) government bodies, transportation agencies, climate collaboratives, etc. The study identified three major governance challenges shared among these cases: (1) stakeholder involvement or collaboration with ‘unusual’ partners; (2) jurisdictional fragmentation; and (3) lack of funding. The lessons learned to address these challenges were: (a) include a wide range of stakeholders early on in the project; (b) identify an intermediary or facilitator with relevant knowledge and social capital with the stakeholders; (c) establish a forum for negotiations and information exchange; (d) draft a memorandum of understanding with the rules of collaboration; (e) appoint a project manager to tie all the project parts and stakeholders together and sustain engagement; (f) structure the collaboration in tiers from technical/operational to executive/political; (g) explore options to make any given project a multi-benefit project; (h) advocate for a multi-year stream of funding rather than a lump sum; (i) leverage collaboration for funding and highlight, to potential funders, the collaborative element as a means to increase the efficiency of their investment. Issues to consider when deriving lessons from other jurisdictions were: differences in capacity, or available resources and staff; the numbers of actors involved; pre-existing positive collaborative relationships between the actors; exposure of transportation assets to sea-level rise; existing vulnerabilities of the corridor/asset; and the economic relevance of the corridor/asset

A novel risk assessment and optimisation model for a multi-objective network security countermeasure selection problem

Budget cuts and the high demand in strengthening the security of computer systems and services constitute a challenge. Poor system knowledge and inappropriate selection of security measures may lead to unexpected financial and data losses. This paper proposes a novel Risk Assessment and Optimisation Model (RAOM) to solve a security countermeasure selection problem, where variables such as financial cost and risk may affect a final decision. A Multi-Objective Tabu Search (MOTS) algorithm has been developed to construct an efficient frontier of non-dominated solutions, which can satisfy organisational security needs in a cost-effective manner